add experiments.buildHttp to build http(s):// imports instead of keeping them external
keeps a webpack.lock file with integrity and webpack.lock.data with cached content that should be committed
Automatically upgrades lockfile during development when remote resources change
(might be disabled with experiments.buildHttp.upgrade: false)
Lockfile is frozen during production builds and usually no network requests are made
(exception: Cache-Control: no-cache).
The webpack.lock.data persisting can be disabled with experiments.buildHttp.cacheLocation: false.
That will will introduce a availability risk.
(webpack cache will be used to cache network responses)
Bugfixes
fix HMR infinite loop (again)
fix rare non-determinism with splitChunks.maxSize introduces in the last release
optional modules no longer cause the module to fail when bail is set
fix typo in records format: chunkHashs -> chunkHashes
Performance
limit the number of parallel generated chunks for memory reasons
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Updates the requirements on webpack to permit the latest version.
Release notes
Sourced from webpack's releases.
Commits
d386838
5.49.0150d370
Merge pull request #13918 from privatenumber/hashes-typof8acab3
Merge pull request #13944 from webpack/bugfix/115949e735a7
Merge pull request #13943 from webpack/bugfix/split-chunks-max-size-determini...c6856e2
optional modules will not fail the build when bail is set0605b88
fix indeterminism with splitChunks.maxSizea6e9f59
Merge pull request #13932 from webpack/bugfix/infinite-loopd77d863
Merge pull request #13925 from webpack/feature/http-urls9bf6797
fix resolving context for redirects30ebedd
fix handling of new URL() in remote resourcesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)